@RISK Newsletter for May 26, 2016

The consensus security vulnerability alert.

Vol. 16, Num. 21

This is a weekly newsletter that provides in-depth analysis of the latest vulnerabilities with straightforward remediation advice. Qualys supplies a large part of the newly-discovered vulnerability content used in this newsletter.

CONTENTS:

TOP VULNERABILITY THIS WEEK: Latest Adobe Flash 0-day Flaw Active

Exploited in Nuclear, Neutrino, and Magnitude Exploit Kits

NOTABLE RECENT SECURITY ISSUES SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

Title: Latest Adobe Flash 0-day Flaw Active Exploited in Nuclear,Neutrino, and Magnitude Exploit KitsDescription: The most recent Flash zero-day vulnerability that wasdisclosed and and patched by Adobe is currently being actively exploitedin three exploit kits. The Nuclear, Neutrino, and Magnitude exploit kitshave now incorporated exploits for CVE-2016-4117, targeting vulnerableversions of Flash. As a reminder, users who do not require Flash arestrongly encouraged to remove it from their systems. For users who needFlash and/or who do not have the ability to uninstall it, disablingFlash within the browser is strongly recommended to reduce the risk ofcompromise.Reference: http://malware.dontneedcoffee.com/2016/05/cve-2016-4117-flash-up-to-2100213-and.htmlSnort SID: 38874-38875

Title: Magneto Patches Several Security Flaws in Enterprise andCommunity EditionsDescription: Magneto has patched several security flaws in its flagshipeCommerce platform. The two most severe flaws addressed in the latestpatch are remote code execution vulnerabilities whereby anunauthenticated attacker could either execute PHP code using REST orSOAP APIs or forcefully reinstall the application. Magneto has addressedthese two critical flaws as well as four other vulnerabilities in itslatest version, 2.0.6. Administrators are strongly encouraged to updatedtheir Magneto installations to the latest version.Reference: https://magento.com/security/patches/magento-206-security-updatehttp://netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution/Snort SID: Detection pending release of vulnerability information

RECENT VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE COMPILED BY THE QUALYS VULNERABILITY RESEARCH TEAM

This is a list of recent vulnerabilities for which exploits areavailable. System administrators can use this list to help inprioritization of their remediation activities. The Qualys VulnerabilityResearch Team compiles this information based on various exploitframeworks, exploit databases, exploit kits and monitoring of internetactivity.